Skip to content

converted apache spark cve-2022-33891 to templated#827

Closed
robert-doyensec wants to merge 1 commit into
google:masterfrom
doyensec:spark-cve-2022-33891-templated
Closed

converted apache spark cve-2022-33891 to templated#827
robert-doyensec wants to merge 1 commit into
google:masterfrom
doyensec:spark-cve-2022-33891-templated

Conversation

@robert-doyensec
Copy link
Copy Markdown
Collaborator

@robert-doyensec robert-doyensec commented May 2, 2026

Testbed changes at doyensec/security-testbeds#28

{
  "scanStatus": "SUCCEEDED",
  "scanFindings": [{
    "targetInfo": {
      "networkEndpoints": [{
        "type": "IP_HOSTNAME_PORT",
        "ipAddress": {
          "addressFamily": "IPV4",
          "address": "192.168.65.254"
        },
        "port": {
          "portNumber": 8081
        },
        "hostname": {
          "name": "host.docker.internal"
        }
      }]
    },
    "networkService": {
      "networkEndpoint": {
        "type": "IP_HOSTNAME_PORT",
        "ipAddress": {
          "addressFamily": "IPV4",
          "address": "192.168.65.254"
        },
        "port": {
          "portNumber": 8081
        },
        "hostname": {
          "name": "host.docker.internal"
        }
      },
      "transportProtocol": "TCP",
      "serviceName": "http",
      "serviceContext": {
        "webServiceContext": {
        }
      }
    },
    "vulnerability": {
      "mainId": {
        "publisher": "TSUNAMI_COMMUNITY",
        "value": "CVE_2022_33891"
      },
      "relatedId": [{
        "publisher": "CVE",
        "value": "CVE-2022-33891"
      }],
      "severity": "CRITICAL",
      "title": "CVE-2022-33891 Apache Spark UI RCE",
      "description": "The Apache Spark UI has spark.acls.enable configuration option which provides capability to modify the application according to user\u0027s permissions. When the config is true, the vulnerable versions of Spark checks the group membership of the user without proper controls, that results in blind command injection in username parameter.",
      "recommendation": "You can upgrade your Spark instances to 3.2.2, or 3.3.0 or later"
    }
  }],
  "scanStartTimestamp": "2026-05-02T12:08:34.174Z",
  "scanDuration": "4.121s",
  "fullDetectionReports": {
    "detectionReports": [{
      "targetInfo": {
        "networkEndpoints": [{
          "type": "IP_HOSTNAME_PORT",
          "ipAddress": {
            "addressFamily": "IPV4",
            "address": "192.168.65.254"
          },
          "port": {
            "portNumber": 8081
          },
          "hostname": {
            "name": "host.docker.internal"
          }
        }]
      },
      "networkService": {
        "networkEndpoint": {
          "type": "IP_HOSTNAME_PORT",
          "ipAddress": {
            "addressFamily": "IPV4",
            "address": "192.168.65.254"
          },
          "port": {
            "portNumber": 8081
          },
          "hostname": {
            "name": "host.docker.internal"
          }
        },
        "transportProtocol": "TCP",
        "serviceName": "http",
        "serviceContext": {
          "webServiceContext": {
          }
        }
      },
      "detectionTimestamp": "2026-05-02T12:08:38.172Z",
      "detectionStatus": "VULNERABILITY_VERIFIED",
      "vulnerability": {
        "mainId": {
          "publisher": "TSUNAMI_COMMUNITY",
          "value": "CVE_2022_33891"
        },
        "relatedId": [{
          "publisher": "CVE",
          "value": "CVE-2022-33891"
        }],
        "severity": "CRITICAL",
        "title": "CVE-2022-33891 Apache Spark UI RCE",
        "description": "The Apache Spark UI has spark.acls.enable configuration option which provides capability to modify the application according to user\u0027s permissions. When the config is true, the vulnerable versions of Spark checks the group membership of the user without proper controls, that results in blind command injection in username parameter.",
        "recommendation": "You can upgrade your Spark instances to 3.2.2, or 3.3.0 or later"
      }
    }]
  },
  "reconnaissanceReport": {
    "targetInfo": {
      "networkEndpoints": [{
        "type": "IP_HOSTNAME_PORT",
        "ipAddress": {
          "addressFamily": "IPV4",
          "address": "192.168.65.254"
        },
        "port": {
          "portNumber": 8081
        },
        "hostname": {
          "name": "host.docker.internal"
        }
      }]
    },
    "networkServices": [{
      "networkEndpoint": {
        "type": "IP_HOSTNAME_PORT",
        "ipAddress": {
          "addressFamily": "IPV4",
          "address": "192.168.65.254"
        },
        "port": {
          "portNumber": 8081
        },
        "hostname": {
          "name": "host.docker.internal"
        }
      },
      "transportProtocol": "TCP",
      "serviceName": "http",
      "serviceContext": {
        "webServiceContext": {
        }
      }
    }]
  },
  "targetAlive": true
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@robert-doyensec